Code any boto3 in AWS Lambda | Step by Step Coding | Stop EC2 Instance

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

hello boys and girls Roger back with another video I am an enterprise solutions architect working at AWS in this video we are going to learn how to code any bottle 3 so we are going to pick a very popular use case and then I'm gonna code with you guys and girls basically I'm going to show how I sites from the documentation how I find the relevant information and then how I put that into that curve all right so let's get into it the use case we are going to build is pretty common let's say an ec2 is started without a proper tag if that happens then we're gonna stop the ec2 and then we are going to send a threatening email to the employee so let's talk about high level design so the lambda has to be triggered by an event so in this case the event is an Amazon CloudWatch event so every time a a c2 comes up and starts running that could be that event and then that's going to trigger this lambda there are other kinds of events such as s3 in case you want to process something every time something is put or deleted from the s3 bucket you can put s3 as an event as well then the AWS lambda will have all the codes and that code in this case is going to reach out to Amazon ec2 gets the tags and then based on the tags maybe stop the ic2 and we will notify the employee right so the lambda has to have an iamb role which has to have the policy to access ec2 and SNS so a couple of things before we start coding so bottle 3 is a aw a software development kit for Python and you can call any AWS services using bottle 3 from code and there is a misconception out there that Obata 3 can only be used in lambda that's not true it's basically a SDK for Python right so you can write a regular code that code can run in ec2 we can swear but however lambda is a very very popular choice okay with that being said let's start coding okay I mean the I am console let's click roles create role and then choose a use case of select lambda click permissions so this lambda needs ec2 and SNS so I'm going to type in ec2 scroll down Amazon ec2 full access you can even give granular access but for this demo I'm just going to give full access because it's easier and then type in SNS Amazon SNS full access next tags next review role name I'm gonna give lambda and Oscar water 3 demo how about that k click create role okay role is created now let's go set up the event okay so for this event I'm gonna go to cloud watch so this is super handy in case you don't know a lot of times when a particular resource comes up or changes state they actually send a vent to cloud watch and you can trigger a lambda based on that so I'm in the cloud watch console let me make it a little bigger on the left you see these events and then rules so click this rules and then you click create rule so you can do either schedule in case you want to just schedule your lambda if not you can select see all these AWS services they send the event to cloud watch on anything changes so now we have our ec2 even type we want to say ec2 instance state change notification but you can see that different kinds of event EBS volume maybe a snapshot easy to spot interruptions so to spot request fulfillment etc so let's select ec2 instance state change notification and do you want for any state no we want for ec2 who which is running so anytime you see two starts running they will send this event and then we want to do this for any instance so then the important thing is show sample events click this so this will be the input to the lambda so I'm going to copy this and paste it in a notepad or something okay so this is the JSON lambda is gonna get in the event on the right we have the targets so I'm actually gonna go click create a lambda and then add that as a target okay I'm in the lambda console I'm gonna click create function my function name how about you see to check tags okay I'm gonna do Python 3.6 choose a creative execution rule remember we created the role we named it lambda bottle 3 demo click create function okay so let's start coding so we know that input at this point right so this will be the input so let's look up what bottle 3 function we need to call to get the tags from the IC 2 so I'm gonna go to trusty google and type in water 3 easy to click this okay so it says hey do you import bottle 3 and initialize a client connection so I'm just gonna copy this go back to my lambda test it so generally I will codeine like cloud 9 or something but I wanted to keep the additional overhead minimum for this video because maybe some of you are not used to doing cloud 9 we copy pasted the line let's go back to bottle 3 now we gotta find which function we need to use so you might have to search a little bit for this as the names are pretty self-explanatory describes the describe is generally when you get some information right see if I scroll down scroll down aha describe tags right so if I click this so it's gonna say describe the specific tags for your ec2 instances so this is this is the function we need to use so it takes dry run and then filters so filters is the main thing this is where you pass the resource ID so basically that's the instanceid Max results probably how many results I can get back the maximum number of results next token so all of these are optional all only thing we need is filters so so what I'm gonna do is copy this okay go to our lambda so this I have to put in the body okay so dry run we don't need we don't need next token and Max results I'm going to delete all that as well okay so now let's find out how do we code this filter thing let's go back to bottle three okay so name string so basically okay so the name has to have these values resource ID resource type so has an idea of the resource so this will be the idea of a situ okay that's pretty straightforward okay ctrl C go back to the lambda so here we're gonna put this here and this should be the instance ID what are we getting the instance ID from remember it's coming from the event so this is the instance ID under detail right so whether I extract that so how about we give you C to underscore instance underscore ID equals to event so event is the input so it's under details and among the details it is instance ID pretty straightforward no we don't need a loop or anything okay I got the instanceid let's copy this and then here we just gonna past this so at this point before I coat the whole thing what I do is like I see how the response is coming back then we are going to talk about how to process the tags and SMEs all that stuff okay so I'm gonna save this and I'm gonna create a test event configure test events okay and then I want to show you guys and go something so see there's a template I mean maybe you are triggering your lambda from s3 see you can select Amazon s3 put and it's gonna give you a JSON so you can actually test your lambda without putting something in s3 but for us we already know that JSON that's coming because we got it from the cloud watch event event named test1 now to test it I need to put an actual instance ID right like that's running so let's see if there's an ec2 running in Maya SS account okay so this is running it has a bunch of tags which is good so I'm just gonna get the instance ID so this is the instance ID right so I'm just going to copy this go back to my lambda and just passed it here right it doesn't matter here the resources don't matter here you can keep it as is because we are picking up this detail instance ID as our instance ID click create okay let's just it out shall we okay so go up yeah okay so this is how the tags coming back I'm gonna copy this passed it in my trusty notepad okay so I reformat it a little bit so that you guys and girls can see it so basically all the tags are coming under these tags field and then there's a list okay and then it's literally key and value pair so this is the key and this is the value okay let's put a flag in we're going to set this flag up if the special tag is there we're gonna keep Daisy - up else we're gonna stop it you as in this case our ec2 instance does not have the special tag special underscore exception right so we should get the flag a stop it's not gonna change but let's test it out okay so it is printing the tags nicely just the keys and then stop so basically but let's just out the positive kiss as well we go to the AC to add a tag okay there click Save go back to a lambda click text okay it says do not stop so our logic is working so now we're gonna do decision making basically stop die c2 and also send us an S so now let's research how to stop an ec2 using bottle three man there's a lot of both of the function for AC - okay stop instances should be pretty straightforward okay client that stop instances and then instance IDs and then hibernate drive and force only thing required is the instance IDs okay I'm gonna delete all this because this is all optional stuff I don't need instance IDs we already have the instance ID so this is the instance ID okay so now the next part is sending email so I'm gonna use SNS so I'm in SMS I already have a bad image SNS topic that I'm gonna use this has one subscription to one of my emails we have to find bottle three for SNS right so I'm just gonna go back to Google and do bottle three SMS okay okay this doesn't have that many commands which is good okay we are looking for something that's like a publish email or like something okay here's a publish one response it going to climb the publish and then you have the topic iron target and for number message so let's see only thing required so we need the topic on for sure I don't know it's as optional you can you can control two other ones okay the message is required and then subject we need it for email okay so let's try this so I'm gonna copy this whole thing so we're gonna initiate a client for SNS sorry girl copy this go back to lambda okay so here I'm gonna put SNS client how about that okay go down to the code okay so topic Erin should be the topic this is the topic Erin so I'm just going to make a variable SNS ran equals to this okay this is the email subject you see to violated company policy is it talking enough about manager will be notified mmm I think this is proper level of threatening don't you guys and girls get this emails like you will do like a very simple thing which like doesn't do any harm or anything but then he will get this email and then you will be like oh my god you gotta have this talk with your manager I'm going to open my email mailbox as well okay this is my emails I confirm subscription it says that you're gonna get messages from this one okay so now the lambda is ready but we still need to go back and put this lambda in our cloud watch rule right so let's go back to our cloud watch click add target and then okay you know what I think we need to get out and come back in because we created the lambda after we came back to this rule screen target easy too easy to chat tags okay this is good click configure details name you see to check tags okay we're gonna enable this create rule ok let's try it out shall we so I'm just gonna select this t2 micro that was running click action click Launch more like this okay then let's see the tags it has just one tags name so this easy two should come up and then get stopped because this does not have that special exception tag okay click this while they see two is coming up a little bit of self-promotion I do have a full-fledged udemy course on solderless it's over 16 hours and over like 180 lectures and not only I go over AWS lambda and api gateway which basically basic requirements of several s we learn devops with entire AWC ICT services code commit code build code deploy code pipeline code star we learn AWS Sam serverless versus container service framework several as best practices architecture patterns debugging peer programming using cloud 9 tracing using x-ray cloud watch login sites how to use security step functions comprehend a real-world project dynamodb serverless aurora a limitation up several less and much more so you can see there around like 1650 students already enrolled with pretty decent ratings and there's a sale going on and this is available for $9.99 I will put a link in the description alright back to our AC 200 ok so it becomes stopping so basically it came up for running for a second or something then the cloud watch even got triggered the lambda got triggered and then now it's stopping so we should get an email as well so it stopped see if I go to my email Oh easy to father a company Policy Manager will be notified okay so it says ec2 these stopped all right so our lambda is working our guys and girls that is the video if you liked the video please smash that like button and click Subscribe I will see you guys and girls in the next lecture bye

Info

Channel: Agent of Change

Views: 9,106

Rating: 4.8139534 out of 5

Keywords: serverless, boto3 aws, boto3, boto3 tutorial, stop ec2 instance using lambda

Id: RL-mQWFWJcM

Channel Id: undefined

Length: 18min 36sec (1116 seconds)

Published: Sat May 09 2020